Issues (258)

Security Analysis
not enabled

This project does not seem to handle request data directly as such no vulnerable execution paths were found.

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the
response of a web-request that is viewed by other users. It can for example be used to
bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that
he should not be able to access. These files can for example include database credentials, or
other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files.
This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code,
and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

XPath Injection enables an attacker to modify the parts of XML document
that are read. If that XML document is for example used for authentication, this can lead
to further vulnerabilities similar to SQL Injection.